/// <summary>Get Certificate from Vault then Transform to X509Certificate2 format</summary>
        /// <returns></returns>
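        private void GetNewCertificateFromVault()
        {
            // Nothing to refresh while the cached certificate still passes IsValidCertificate().
            if (IsValidCertificate())
            {
                return;
            }

            var vaultKey = vaultClient.GetCertificate();

            // Build the certificate and its signing key into locals first. If any step
            // throws, both fields keep their previous values instead of pairing a new
            // certificate with the old signing key.
            var refreshedCertificate = certificate2Helper.CreateCertificate(vaultKey.Certificate);
            var rsaProvider = cryptoServiceProviderHelper.GetPrivateKeyProvider(vaultKey.PrivateKey);
            var refreshedKey = new RsaSecurityKey(rsaProvider);

            // NOTE(review): nothing visible here verifies that vaultKey.PrivateKey matches
            // vaultKey.Certificate, and no lock guards the two assignments below. Confirm
            // the vault client guarantees the pairing and that callers serialize refreshes.
            certificate = refreshedCertificate;
            securityKey = refreshedKey;
        }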
Exemple #2
        /// <summary>Get Certificate from Vault then Transform to X509Certificate2 format</summary>
        /// <returns>The certificate, with its private key attached, reloaded from the PFX file this method writes.</returns>
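        private X509Certificate2 GetNewCertificateFromVault()
        {
            var vaultKey           = vaultClient.GetCertificate();
            var privateKeyProvider = cryptoServiceProviderHelper.GetPrivateKeyProvider(vaultKey.PrivateKey);
            var certificate        = certificate2Helper.GetCertificate(vaultKey.Certificate);

            // NOTE(review): the X509Certificate2.PrivateKey setter is only supported on
            // .NET Framework; on newer runtimes CopyWithPrivateKey is the replacement.
            certificate.PrivateKey = privateKeyProvider;

            // A fresh GUID gives each call its own file name.
            var pfxFileName = $"Idsvr-{Guid.NewGuid()}.pfx";

            try
            {
                // Need to write the certificate to file with the private key then read it back
                // from a file for the JTokenHandler library to be able to sign the tokens
                certificate2Helper.WriteCertificateToFile(pfxFileName, certificate);

                return certificate2Helper.LoadCertificate(pfxFileName);
            }
            finally
            {
                // The PFX contains the private key, so it must not outlive this call: without
                // cleanup every refresh leaves another copy of the signing key on disk.
                // NOTE(review): assumes the helper resolves the name the same way File.Delete
                // does (relative to the current directory); if the helper prepends its own
                // directory, the cleanup belongs inside the helper. Also confirm the helper
                // password-protects the PFX and restricts its file permissions.
                try
                {
                    System.IO.File.Delete(pfxFileName);
                }
                catch (Exception ex) when (ex is System.IO.IOException || ex is UnauthorizedAccessException)
                {
                    // Best-effort cleanup: a failed delete must not mask the load result or
                    // the original exception. No logger is visible in this block.
                }
            }
        }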